Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - October 12, 2012

by: Carol~ October 12, 2012 7:00 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - October 12, 2012

by Carol~ Moderator - 10/12/12 7:00 AM

Mozilla Firefox / Thunderbird "defaultValue" Check Bypass Vulnerability

Release Date : 2012-10-12

Criticality level : Highly critical
Impact: Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Software: Mozilla Firefox 10.x
Mozilla Thunderbird 10.x

Description:
A vulnerability has been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to bypass certain security restrictions or potentially compromise a user's system.

The vulnerability is reported in versions prior to 10.0.9.

Solution:
Update to version 10.0.9.

Original Advisory:
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html

http://secunia.com/advisories/50964/


Reply
Report offensive post
Email to friend

Mozilla Firefox / Thunderbird / SeaMonkey Multiple

by Carol~ Moderator - 10/12/12 7:06 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities

Release Date : 2012-10-11
Last Update : 2012-10-12

Criticality level : Highly critical
Impact: Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Software: Mozilla Firefox 16.x
Mozilla SeaMonkey 2.x
Mozilla Thunderbird 16.x

Description:
Some vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) The protected "location" object is accessible by other domain objects, which can be exploited to bypass the same origin policy and gain access to sensitive information.

2) An unspecified error within the "FT2FontEntry::CreateFontEntry()" function can be exploited to corrupt memory.

3) An unspecified error within the "mozilla::net::FailDelayManager::Lookup()" function when handling certain websockets can be exploited to corrupt memory.

4) An error within security wrappers does not unwrap the "defaultValue" properly and can be exploited to gain access to the "location" object.

The vulnerabilities are reported in Firefox and Thunderbird versions prior to 16.0.1 and SeaMonkey versions prior to 2.13.1.

Solution:
Update Firefox and Thunderbird to versions 16.0.1 and SeaMonkey to version 2.13.1.

Provided and/or discovered by:
1) Gareth Heyes
2, 3) Reported by the vendor.
4) The vendor credits moz_bug_r_a4.

Original Advisory:
Mozilla:
http://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
http://www.mozilla.org/security/announce/2012/mfsa2012-88.html
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html

Gareth Heyes:
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/

http://secunia.com/advisories/50932


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for libvirt

by Carol~ Moderator - 10/12/12 7:06 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-12

Criticality level : Less critical
Impact: DoS
Where : From local network
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6

Description:
Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1359-1:
https://rhn.redhat.com/errata/RHSA-2012-1359.html

http://secunia.com/advisories/50958/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for quagga

by Carol~ Moderator - 10/12/12 7:06 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-12

Criticality level : Less critical
Impact: DoS
Where : From local network
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for quagga. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
-- Ubuntu 12.04 LTS --

Original Advisory:
USN-1605-1:
http://www.ubuntu.com/usn/usn-1605-1/

http://secunia.com/advisories/50941/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

BigPond Wireless Broadband Gateway 3G21WB Undocumented

by Carol~ Moderator - 10/12/12 7:06 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

BigPond Wireless Broadband Gateway 3G21WB Undocumented Account and Command Injection

Release Date : 2012-10-12

Criticality level : Moderately critical
Impact: Security Bypass
System access
Where : From local network
Solution Status : Unpatched

Operating System : BigPond Wireless Broadband Gateway 3G21WB

Description:
Roberto Paleari has reported two security issues in BigPond Wireless Broadband Gateway 3G21WB, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable device.

1) The appliance includes an undocumented "Monitor" account with default credentials "bigpond1" and can be exploited to gain access to the web server.

2) An input validation error in the "ping.cgi" script can be exploited to inject arbitrary shell commands via specially crafted HTTP GET requests.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Roberto Paleari

Original Advisory:
http://archives.neohapsis.com/archives/bugtraq/2012-10/0072.html

http://secunia.com/advisories/50951/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

EMC NetWorker Module for Microsoft Applications Two

by Carol~ Moderator - 10/12/12 7:27 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

EMC NetWorker Module for Microsoft Applications Two Vulnerabilities

Release Date : 2012-10-12

Criticality level : Moderately critical
Impact: Exposure of sensitive information
System access
Where : From local network
Solution Status : Vendor Patch

Software: EMC NetWorker Module for Microsoft Applications 2.x

Description:
Two vulnerabilities have been reported in EMC NetWorker Module for Microsoft Applications, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to compromise a vulnerable system.

1) An error during the installation or upgrading of NMM on an Exchange server may result in disclosure of administrative credentials in clear text.

2) An error in NMM clients during certain channel communication can be exploited to submit unauthenticated specially crafted messages over TCP.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are reported in versions 2.2.1, 2.3 prior to build 122, and 2.4 prior to build 375.

Solution:
Update to version 2.3 build 122 or 2.4 build 375.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
ESA-2012-025:
http://archives.neohapsis.com/archives/bugtraq/2012-10/att-0068/ESA-2012-025.txt

http://secunia.com/advisories/50957/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for firefox

by Carol~ Moderator - 10/12/12 7:27 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-12

Criticality level : Highly critical
Impact: Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for firefox. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
USN-1608-1:
http://www.ubuntu.com/usn/usn-1608-1/

http://secunia.com/advisories/50929/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel

by Carol~ Moderator - 10/12/12 7:27 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-12

Criticality level : Less critical
Impact: Privilege escalation
DoS
Where : Local system
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 11.10

Description:
Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

Solution:
Apply updated packages.

Original Advisory:
USN-1609-1:
http://www.ubuntu.com/usn/usn-1609-1/

http://secunia.com/advisories/50952/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel (2)

by Carol~ Moderator - 10/12/12 7:27 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-12

Criticality level : Less critical
Impact: Privilege escalation
DoS
Where : Local system
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04

Description:
Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

Solution:
Apply updated packages.

Original Advisory:
USN-1606-1:
http://www.ubuntu.com/usn/usn-1606-1/

http://secunia.com/advisories/50961/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Cisco WebEx Recording Format Player Multiple Vulnerabilities

by Carol~ Moderator - 10/12/12 7:29 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-11
Last Update : 2012-10-12

Criticality level : Highly critical
Impact: System access
Where : From remote
Solution Status : Vendor Patch

Software: WebEx Recording Format Player

Description:
Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

4) An error in the atas32.dll module can be exploited to corrupt memory via a specially crafted WRF file.

5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.

6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in the following versions:
* T28 client builds prior to T28.4 (28.4)
* T27 client builds prior to T27LDSP32EP10 (27.32.10)

Solution:
Update to version 28.4 or 27.32.10.

Provided and/or discovered by
4) Oren Isacson, Core Security Technologies.

The vendor also credits Beyond Security, Codenomicon, and TELUS.

Original Advisory:
Cisco:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex

Core Security Technologies:
http://www.coresecurity.com/content/webex-wrf-memory-corruption-vulnerability

http://secunia.com/advisories/50905


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ServersCheck Monitoring Software Two Script Insertion

by Carol~ Moderator - 10/12/12 8:42 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

ServersCheck Monitoring Software Two Script Insertion Vulnerabilities

Release Date : 2012-10-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: ServersCheck Monitoring Software 9.x

Description:
Two vulnerabilities have been reported in ServersCheck Monitoring Software, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via the "syslocation" and "syscontact" parameters is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected product when the malicious data is being viewed.

The vulnerabilities are reported in versions prior to 9.0.16.

Solution:
Update to version 9.0.16 or later.

Provided and/or discovered by:
loneferret

Original Advisory:
ServersCheck Monitoring Software:
http://www.serverscheck.dk/monitoring_software/release.asp

loneferret:
http://www.exploit-db.com/exploits/21866/

http://secunia.com/advisories/50959/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ServersCheck Monitoring Software Cross-Site Request Forgery

by Carol~ Moderator - 10/12/12 8:43 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

ServersCheck Monitoring Software Cross-Site Request Forgery Vulnerability

Release Date : 2012-10-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: ServersCheck Monitoring Software 9.x

Description:
A vulnerability has been discovered in ServersCheck Monitoring Software, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user when a logged-in administrative user visits a specially crafted web page.

The vulnerability is confirmed in versions 9.0.17. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret

Original Advisory:
ServersCheck Monitoring Software:
http://www.serverscheck.dk/monitoring_software/release.asp

loneferret:
http://www.exploit-db.com/exploits/21866/

http://secunia.com/advisories/50908/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress eShop Magic Plugin "file" Arbitrary File

by Carol~ Moderator - 10/12/12 9:41 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

WordPress eShop Magic Plugin "file" Arbitrary File Disclosure Vulnerability

Release Date : 2012-10-12

Criticality level : Moderately critical
Impact: Exposure of sensitive information
Where : From remote
Solution Status : Vendor Patch

Software: WordPress eShop Magic Plugin 0.x

Description:
A vulnerability has been discovered in the eShop Magic plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "file" GET parameter in wp-content/plugins/eshop-magic/download.php is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

The vulnerability is confirmed in version 0.1.

Solution:
Update to version 0.2.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://wordpress.org/extend/plugins/eshop-magic/changelog/

http://secunia.com/advisories/50933/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBSEO "u" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 10/12/12 10:29 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-10-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: vBSEO 3.x (module for vBulletin)

Description:
MegaMan has reported a vulnerability in vBSEO, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "u" parameter in member.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation requires that "Visitor Messages" feature is enabled.

Solution:
No official solution is currently available.

Provided and/or discovered by:
MegaMan

Original Advisory:
MegaMan:
http://www.internot.info/forum/showthread.php?t=383

http://secunia.com/advisories/50842/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Omnistar Document Manager Two Cross-Site Scripting

by Carol~ Moderator - 10/12/12 10:29 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Omnistar Document Manager Two Cross-Site Scripting Vulnerabilities

Release Date : 2012-10-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Omnistar Document Manager 8.x

Description:
Benjamin Kunz Mejri has reported two vulnerabilities in Omnistar Document Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "interface" parameter in index.php and "alert_msg" parameter to index.php (when "interface" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in version 8.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Benjamin Kunz Mejri, Vulnerability Lab

Original Advisory:
http://vulnerability-lab.com/download_content.php?id=712

http://secunia.com/advisories/50847/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Thomson TWG850 Cable Modem Authentication Security Bypass

by Carol~ Moderator - 10/12/12 10:29 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-09-27
Last Update : 2012-10-12

Criticality level : Moderately critical
Impact : Security Bypass
Where : From local network
Solution Status : Vendor Patch

Operating System : Thomson TWG850 Cable Modem

Description:
A security issue has been reported in Thomson TWG850 Cable Modem, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is caused due to missing authentication within the web-based management interface when processing requests with the "/goForm" URL. This can be exploited to alter any configuration setting via HTTP POST requests.

The security issue is reported in version ST9A.01.05 and ST9A.01.06. Other versions may also be affected.

Solution:
Update to version ST9A.01.12.

Provided and/or discovered by:
Glafkos Charalambous and George Nicolaou

Original Advisory:
http://dl.packetstormsecurity.net/1209-exploits/thomson-bypass.txt

http://secunia.com/advisories/50647


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close